Second `unrar-free` is redundant

[defdefred]

Hello,

Second unrar-free is redundant :-)

function APT_DEPENDENCIES {
echo "${CYAN}Installing dependencies${NORMAL}"
    apt-get update
    apt-get -y install openssl git apache2 apache2-utils libapache2-mod-scgi unrar-free \
    php php-curl php-cli libapache2-mod-php tmux unzip curl mediainfo unrar-free
    CHECKLASTRC
}

function APT_DEPENDENCIES_NOSCGI {
echo "${CYAN}Installing dependencies${NORMAL}"
    apt-get update
    apt-get -y install openssl git apache2 apache2-utils unrar-free \
    php php-curl php-cli libapache2-mod-php tmux unzip curl mediainfo unrar-free
    CHECKLASTRC
}

[defdefred]

Forgot to say that using your script was a great pleasure :-).

A great adding could be fail2ban to protect ssh and apache (looking at the fail2ban log is self motivating).

Another one could be to add a proper filezilla/sftp access protection like:

Match user MyRtorrentUser
    ChrootDirectory /home/MyRtorrentUser/Finished
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp

[Bercik1337]

@defdefred hi, i'll try to take care of PR next week as for fail2ban, sure great idea. if possible try to make one and i'll test it

as for filezilla/sftp. chrooting is an overkill here IMO, I use rt on the same user as mine main account on linux = so I browse my "regular" files together with torrents.

but i'm all in for fail2ban addon!

[defdefred]

With debian 12, fail2ban protection for ssh is easy.

# apt install fail2ban
# cat > /etc/fail2ban/jail.d/sshd.conf << EOT
[sshd]
port    = ssh
backend = systemd
enable = true
EOT
# systemctl restart sshd

Sadly, I still have trouble with the fail2ban configuration for apache2.

Chroot for sftp is useful for me because I'm sharing the box with several friend...